DefenseCode ThunderScan Static Application Security Testing (SAST)

DefenseCode ThunderScan is a SAST (Static Application Security Testing, WhiteBox Testing) solution for performing extensive security audits of application source code. ThunderScan is easy to use, requires almost no user input and can be deployed during or after development. It is an efficient alternative to the demanding and time-consuming procedure of manual code reviews. ThunderScan performs fast and accurate analyses of large and complex source code projects delivering precise results and low false positive rate.

Application source code analysis is the best and most comprehensive way to assure your application is free of security vulnerabilities (SQL Injections, Cross Site Scripting Vulnerabilities, File Inclusion, Code Execution, etc.).

DefenseCode ThunderScan is designed to perform comprehensive security assessment of desktop, web and mobile application source code and it has repeatedly proven its effectiveness by discovering critical vulnerabilities in popular open source applications.

Key Benefits

Ease of use

Accuracy

Speed

Low false positive rate

Supports a wide range of programming languages

Supported Languages/Platforms:

C#

Java

PHP

ASP

VB.Net

Visual Basic

VBScript

Python

Ruby

Javascript

Node.js

Android Java

IOS Objective C

PL/SQL

C

C++

ThunderScan scans for more than 30 vulnerability types (including OWASP Top 10) in desktop, web and mobile applications developed on various platforms using different development environments and frameworks. Some of these are listed below: